What is MedicSolution and what services do they provide?

MedicSolution is a software provider that delivers cloud-based software for clinic and practice management, serving Brazil's healthcare sector. They provide technology solutions to help healthcare institutions manage their operations.

Which ransomware group was responsible for the MedicSolution attack?

The ransomware group KillSec claimed responsibility for the cyberattack on MedicSolution that occurred on September 8, 2025.

What types of sensitive information were exposed in the MedicSolution breach?

The stolen data includes medical evaluations and assessments, laboratory test results, X-ray images, unredacted patient photographs including images showing body parts, records related to minors, and personally identifiable information (PII).

Were records of minors compromised in the MedicSolution attack?

Yes, the stolen data includes records related to minors, making this breach particularly concerning as it involves sensitive medical information of children.

How many patients were affected by the MedicSolution data breach?

The exact number of affected individuals has not been disclosed by MedicSolution or the attackers.

Has MedicSolution responded publicly to the cyberattack?

As of the reported incident, MedicSolution has not issued a public response regarding the cyberattack claimed by the KillSec ransomware group.

What is the significance of the AWS cloud bucket misconfiguration?

The misconfigured AWS cloud buckets were left exposed, which allowed the attackers to gain unauthorized remote access to sensitive healthcare data without needing to penetrate MedicSolution's internal systems, highlighting the importance of proper cloud security configurations.

What types of medical images were compromised in the MedicSolution breach?

The compromised data includes X-ray images and unredacted patient photographs, including sensitive images showing body parts, representing a severe privacy violation for affected patients.

Is this MedicSolution breach limited to Brazil?

Based on the information available, MedicSolution serves Brazil's healthcare sector, and the affected institutions mentioned appear to be Brazilian healthcare facilities, suggesting the breach primarily impacts patients and healthcare providers in Brazil.

What should patients of affected Brazilian healthcare institutions do?

Patients who have received services from the affected institutions should monitor for any suspicious communications, be cautious of potential identity theft or medical identity theft, and contact their healthcare providers for specific guidance. They should also be aware that sensitive medical images and records may have been compromised.

Incident

KillSec Ransomware group hits Brazilian healthcare software provider MedicSolution

Q: How did the attackers gain access to MedicSolution's data?

The root cause of the incident was misconfigured AWS cloud buckets that were left exposed, allowing unauthorized remote access without requiring actual penetration into MedicSolution's internal systems.

Q: How much data was stolen in the MedicSolution attack?

The KillSec group claims to have obtained more than 34 GB of data comprising 94,818 files from MedicSolution's systems.

Q: Which healthcare institutions were affected by the MedicSolution breach?

The stolen files appear to involve multiple institutions including Vita Exame, Clinica Especo Vida, Centro Diagnostico Toledo, Labclinic, and Laboratório Alvaro, among others that use MedicSolution's software services.

published: Sept. 10, 2025

Learn More

The ransomware group KillSec claimed responsibility for a cyberattack on MedicSolution, a software provider serving Brazil's healthcare sector, on September 8, 2025, threatening to leak stolen data unless negotiations were initiated.

MedicSolution delivers cloud-based software for clinic and practice management. The root cause of the incident was a misconfigured AWS cloud buckets that were left exposed, allowing unauthorized remote access without requiring actual penetration into MedicSolution's internal systems.

The group claims to have obtained more than 34 GB of data comprising 94,818 files including:

Medical evaluations and assessments
Laboratory test results
X-ray images
Unredacted patient photographs, including images showing body parts
Records related to minors
Personally identifiable information (PII)

The stolen files appear to involve multiple institutions: Vita Exame, Clinica Especo Vida, Centro Diagnostico Toledo, Labclinic, and Laboratório Alvaro, among others.

The exact number of affected individuals has not been disclosed. MedicSolution has not issued a public response regarding the incident.

KillSec Ransomware group hits Brazilian healthcare software provider MedicSolution

Read More
HTC Global Services reports cyberattack, data leaked online
Researchers discover DeepSeek servers exposed unprotected leaking sensitive …
NXP Semiconductors reports Data Breach
HR ciant Workday reports data breach caused by …
Iron Mountain Data Breach Claimed by Everest Extortion …